Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Desparately Need Help with Vundo Infection. Unable to Run Malware Detector

  • Please log in to reply
1 reply to this topic

#1 siennaskye


  • Members
  • 3 posts
  • Local time:09:38 PM

Posted 16 September 2009 - 05:43 PM

Hopefully you all can help me! Please know that I am a novice so be patient with me!
I am running Windows XP Service Pack 2.

I have the following error on my computer: c:\windows\system32\belpzije.dll is not a valid image, etc.

All malware detectors have been blocked and VundoFix states no infection. I have attempted using MalwareBytes, SuperAntiSpyWare, Spyware S & D, Avast.

As soon as I start a scan with any Anti-Virus or Anti-Malware, it is automatically shuts down.

I have AVG Security Suite w/ Firewall (Free Edition) and Avast (Free) also downloaded.

I have downloaded Win32KDiag and here is the log:

Running from: C:\Documents and Settings\Bonita\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Bonita\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\$hf_mig$\KB913446\KB913446

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB917953\KB917953

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB933729\KB933729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB941644\KB941644

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB956844\KB956844

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll

[1] 2005-07-25 23:20:23 225792 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll (Microsoft Corporation)

[1] 2005-07-25 23:39:42 225792 C:\WINDOWS\$NtServicePackUninstall$\catsrv.dll (Microsoft Corporation)

[1] 2003-07-16 15:25:06 215040 C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll ()

[1] 2004-08-04 02:56:41 229888 C:\WINDOWS\$NtUninstallKB902400$\catsrv.dll (Microsoft Corporation)

[1] 2008-04-13 19:11:50 226304 C:\WINDOWS\ServicePackFiles\i386\catsrv.dll (Microsoft Corporation)

[1] 2008-04-13 19:11:50 226304 C:\WINDOWS\system32\catsrv.dll (Microsoft Corporation)

Cannot access: C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll

[1] 2005-07-25 23:20:23 625152 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll (Microsoft Corporation)

[1] 2005-07-25 23:39:43 625152 C:\WINDOWS\$NtServicePackUninstall$\catsrvut.dll (Microsoft Corporation)

[1] 2003-07-16 15:25:07 582656 C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll ()

[1] 2004-08-04 02:56:41 628224 C:\WINDOWS\$NtUninstallKB902400$\catsrvut.dll (Microsoft Corporation)

[1] 2008-04-13 19:11:50 625664 C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll (Microsoft Corporation)

Thanks for you assistance!

BC AdBot (Login to Remove)


#2 siennaskye

  • Topic Starter

  • Members
  • 3 posts
  • Local time:09:38 PM

Posted 17 September 2009 - 07:31 PM

I also downloaded RootRepeal. It was disabled as well. Unable to run. Any suggestions or will I have to reformat?

Anyone out there????????

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users